

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Dec 9, 2019 • 6min
ISC StormCast for Monday, December 9th 2019
E-Mail Includes Entire HTML/JavaScript Phishing Kit
https://isc.sans.edu/forums/diary/Phishing+with+a+selfcontained+credentialsstealing+webpage/25580/
Great Cannon / Red Cannon Activated to Silence Pro-Hong Kong Forum
https://cybersecurity.att.com/blogs/labs-research/the-great-cannon-has-been-deployed-again

Dec 6, 2019 • 14min
ISC StormCast for Friday, December 6th 2019
OpenBSD Authentication Bypass and Privilege Escalation Vulnerability
https://www.qualys.com/2019/12/04/cve-2019-19521/authentication-vulnerabilities-openbsd.txt?_ga=2.58244398.587934852.1575530822-682141427.1570559125
Hijacking Linux (and BSD) VPN Connections
https://seclists.org/oss-sec/2019/q4/122
RASP vs. WAF: Alexander Fry Research Paper
https://www.sans.org/reading-room/whitepapers/application/runtime-application-self-protection-rasp-investigation-effectiveness-rasp-solution-protecting-vulnerable-target-applications-38950

Dec 5, 2019 • 6min
ISC StormCast for Thursday, December 5th 2019
Atlassian Companion App / IBM Aspera Cloud
https://www.theregister.co.uk/2019/12/05/atlassian_zero_day_bug/
https://confluence.atlassian.com/doc/administering-the-atlassian-companion-app-958456281.html
https://twitter.com/tmslft/status/1202056063878606848?s=20
Fake Python Library in PyPI
https://github.com/dateutil/dateutil/issues/984
GoAhead Web Server Vulnerability
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0888

Dec 4, 2019 • 6min
ISC StormCast for Wednesday, December 4th 2019
Avast Online Security and Avast Secure Browser Blocked for Spying on Users
https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/
Google Android Updates
https://source.android.com/security/bulletin/2019-12-01
Strandhogg Vulnerability
https://promon.co/security-news/strandhogg/
Firefox 71 Released
https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/

Dec 3, 2019 • 6min
ISC StormCast for Tuesday, December 3rd 2019
Increased Scans on Port 26
https://isc.sans.edu/forums/diary/Next+up+whats+up+with+TCP+port+26/25564/
Recent Ursnif Malspam
https://isc.sans.edu/forums/diary/Ursnif+infection+with+Dridex/25566/
Windows 7 Extended Security Updates
https://www.microsoft.com/microsoft-365/partners/news/article/announcing-paid-windows-7-extended-security-updates
QNAP Patches Photo Station
https://www.qnap.com/en/security-advisory/nas-201911-25

Dec 2, 2019 • 7min
ISC StormCast for Monday, December 2nd 2019
Agent Tesla Malware Sample Analysis
https://isc.sans.edu/forums/diary/Finding+an+Agent+Tesla+malware+sample/25554/
Search With SauronEye
https://isc.sans.edu/forums/diary/ISC+Snapshot+Search+with+SauronEye/25558/
Splunk Y2K20 Patch
https://docs.splunk.com/Documentation/Splunk/8.0.0/ReleaseNotes/FixDatetimexml2020
Google TAG Quarterly Summary
https://blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/

Nov 27, 2019 • 6min
ISC StormCast for Wednesday, November 27th 2019
Playing With Phishing
https://isc.sans.edu/forums/diary/Lessons+learned+from+playing+a+willing+phish/25552/
HPE SSD Drives Will Stop Working in 3 Years
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us
Malicious Android SDK Captures Social Media Data
https://help.twitter.com/en/sdk-issue
Kaspersky API Exposed to Websites
https://palant.de/2019/11/26/internal-kaspersky-api-exposed-to-websites/
Malicious Ad Statistics
https://www.confiant.com/Demand-Quality-Report-Q3-2019

Nov 26, 2019 • 5min
ISC StormCast for Tuesday, November 26th 2019
DNS over HTTPS (DoH) in SOHO Networks
https://isc.sans.edu/forums/diary/My+Little+DoH+Setup/25548/
Fortinet Weak Crypto
https://sec-consult.com/en/blog/advisories/weak-encryption-cipher-and-hardcoded-cryptographic-keys-in-fortinet-products/
Tracking Web Users via DNS
https://github.com/uBlockOrigin/uBlock-issues/issues/780

Nov 25, 2019 • 5min
ISC StormCast for Monday, November 25th 2019
Web Filter Misconfiguration Abused for Reconnaissance
https://isc.sans.edu/forums/diary/Abusing+Web+Filters+Misconfiguration+for+Reconnaissance/25538/
Local Malware Analysis with Malice
https://isc.sans.edu/forums/diary/Local+Malware+Analysis+with+Malice/25544/
Multiple Vulnerabilities in VNC
https://www.kaspersky.com/blog/vnc-vulnerabilities/31462/

Nov 22, 2019 • 6min
ISC StormCast for Friday, November 22nd 2019
Weaknesses in Memory Encryption Solutions
https://arxiv.org/abs/1908.11680
GetMonero Wallet Compromised
https://web.getmonero.org/2019/11/19/warning-compromised-binaries.html
RIPlace Ransomware Detection Bypass
https://www.nyotron.com/blog/nyotron-discovers-potentially-unstoppable-ransomware-evasion-technique-riplace/
Microsoft Office Remote Content Triggers in Preview Pane
https://medium.com/@curtbraz/getting-malicious-office-documents-to-fire-with-protected-view-4de18668c386


